Harry Maclean
7ee7a0df34
Ruby: fix prefix in create-extractor-pack scripts
2023-03-14 18:12:01 +13:00
Harry Maclean
d814e15a2f
Ruby: Refactor
2023-03-14 12:58:32 +13:00
Harry Maclean
f3272239bd
Ruby: Format rust files
2023-03-14 12:31:50 +13:00
Harry Maclean
cd9927cf66
Ruby: Update create-extractor-pack
2023-03-14 12:23:09 +13:00
Harry Maclean
e070bd512e
Ruby: Move some support files to new extractor
2023-03-14 12:07:39 +13:00
Harry Maclean
194edd76e5
Ruby: Put all binaries in same directory
2023-03-14 12:03:46 +13:00
Harry Maclean
a7e276343e
Ruby: Update .gitignore for moved extractor
2023-03-14 12:03:03 +13:00
Harry Maclean
f53c31398c
Ruby: Fix imports in extractor
2023-03-14 12:02:11 +13:00
Harry Maclean
15bd825805
Ruby: finish reorganising extractor files
2023-03-14 11:49:18 +13:00
Harry Maclean
6f23111320
Ruby: Remove old Cargo.toml files
2023-03-14 11:47:21 +13:00
Harry Maclean
983b84276b
Ruby: Lift extractor binaries
2023-03-14 11:45:46 +13:00
Harry Maclean
1a71c3f174
Ruby: Merge extractor crates
...
This just moves the files, so as not to confuse git when we make changes
to them.
2023-03-14 11:43:17 +13:00
erik-krogh
8b99e8af88
fix bad join by removing bad recursion
2023-03-13 17:34:11 +01:00
erik-krogh
25a6d496d9
Merge branch 'main' into HEAD
2023-03-13 17:33:06 +01:00
Tony Torralba
705691b096
Merge pull request #12446 from github/java/update-mad-decls-after-triage-2023-03-08T14-51-59
...
Java: Update MaD Declarations after Triage
2023-03-13 14:07:59 +01:00
Anders Schack-Mulligen
0c95ab2cdc
Merge pull request #12474 from hvitved/dataflow/call-back-post-update
...
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
2023-03-13 13:21:52 +01:00
dependabot[bot]
6e75df4088
Merge pull request #12494 from github/dependabot/cargo/ruby/serde-1.0.155
2023-03-13 11:49:00 +00:00
Erik Krogh Kristensen
060c37b6a2
Merge pull request #12345 from erik-krogh/delOldDeps
...
delete old deprecations
2023-03-13 12:48:24 +01:00
Tom Hvitved
163bb2b94d
Add change note
2023-03-13 12:45:46 +01:00
Tom Hvitved
714b61b63e
Ruby: Add missing flow through self.new constructor calls
2023-03-13 12:45:46 +01:00
dependabot[bot]
219bac74bf
Bump serde from 1.0.154 to 1.0.155 in /ruby
...
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.154 to 1.0.155.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.154...v1.0.155)
---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-13 11:36:09 +00:00
Arthur Baars
e0a49e2999
Merge pull request #12486 from aibaars/windows-long-paths
...
Ruby: support long paths on Windows
2023-03-13 12:18:50 +01:00
Arthur Baars
41a53ec109
Address comments
2023-03-13 11:50:03 +01:00
Anders Schack-Mulligen
c380ecbbbc
Data flow: Add change notes.
2023-03-13 11:09:13 +01:00
erik-krogh
6c1ebd999e
Merge branch 'main' into delOldDeps
2023-03-13 11:00:29 +01:00
Tom Hvitved
6ee231fac5
Ruby: Add more tests for flow through constructors
2023-03-13 10:52:01 +01:00
Harry Maclean
3734a544bc
Ruby: Add change note
2023-03-13 21:38:45 +13:00
Harry Maclean
e80ff4efba
Ruby: Fix tests and qldoc
2023-03-13 20:32:37 +13:00
Harry Maclean
071517c74b
Ruby: Clean up Sinatra modeling
2023-03-13 19:25:56 +13:00
Harry Maclean
bfe42a656c
Ruby: QL4QL fix
2023-03-13 19:04:46 +13:00
Harry Maclean
384e7c7a80
Jump step for sinatra callbacks
2023-03-13 19:03:32 +13:00
Harry Maclean
e65d7224db
Ruby: tests, patterns, fix erb flow
2023-03-13 19:03:32 +13:00
Harry Maclean
eada3b91df
Ruby: track flow from sinatra routes to erb files
2023-03-13 19:03:32 +13:00
Harry Maclean
c82b4638c6
Ruby: Import Sinatra modeling by default
2023-03-13 19:03:32 +13:00
Harry Maclean
a1fab31bfc
Ruby: Model Sinatra
...
Adds some very basic modeling of Sinatra applications.
We recognise the `params` call in Sinatra routes as an HTTP request
input access.
2023-03-13 19:03:32 +13:00
Harry Maclean
9c3d141c9c
Ruby: Add change note
2023-03-13 18:57:55 +13:00
Harry Maclean
fe995dd99b
Ruby: ActiveRecord::Connection.execute SQL sink
2023-03-13 09:03:54 +13:00
Harry Maclean
025cd34dab
Ruby: Taint flow through ActionController params
...
We were not recognising "require" as returning a Parameters instance.
2023-03-13 08:52:41 +13:00
Harry Maclean
2d95b6a049
Ruby: Add count_by_sql as SQL sink
2023-03-13 08:40:32 +13:00
Harry Maclean
c97dccf0de
Ruby: Add reorder as a SQL sink
...
In recent versions of Rails this method doesn't seem to be vulnerable,
but it may be in previous versions. There's a slight FP risk here, but
I think it is small.
2023-03-13 08:38:17 +13:00
Arthur Baars
c67bfff33b
Ruby: strip \\?\ from display paths
2023-03-10 22:32:11 +01:00
Arthur Baars
4bfcc31ef0
Ruby: support long paths on Windows
2023-03-10 22:32:11 +01:00
Anders Schack-Mulligen
1e64748ffe
Dataflow: Autoformat.
2023-03-10 15:12:19 +01:00
Anders Schack-Mulligen
289f921171
Dataflow: Sync.
2023-03-10 14:56:54 +01:00
Anders Schack-Mulligen
00f0879ff5
Dataflow: Sync.
2023-03-10 14:56:54 +01:00
Tom Hvitved
6eea906bbf
Data flow: Synthesize post-update nodes for callback arguments inside summarized callables
2023-03-10 12:43:21 +01:00
Tony Torralba
8aa80882ea
Sync files
2023-03-10 12:35:13 +01:00
Anders Schack-Mulligen
83569911ae
Merge pull request #12230 from aschackmull/all/autoformat
...
Mass autoformat with class and module declarations format fix
2023-03-10 12:29:34 +01:00
Anders Schack-Mulligen
159d8e978c
Dataflow: one more autoformat post rebase
2023-03-10 10:04:35 +01:00
Anders Schack-Mulligen
a5d229903d
Ruby: Autoformat
2023-03-10 09:41:20 +01:00